Outlaw Group Distributes Botnet for Cryptocurrency-Mining, Scanning, and Brute-Force
Common Information
| Type | Value |
| --- | --- |
| UUID | cae229b7-1f1c-449d-9d08-df229db1708a |
| Fingerprint | ef0c651ab0615faac56c1a64d91cfe5de3c81576e3e0fc0c46e081bdce5291ce |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Nov. 16, 2018, 2:35 p.m. |
| Added to db | April 14, 2024, 10:04 a.m. |
| Last updated | Aug. 30, 2024, 10:36 p.m. |
| Headline | Outlaw Group Distributes Botnet for Cryptocurrency-Mining, Scanning, and Brute-Force |
| Title | Outlaw Group Distributes Botnet for Cryptocurrency-Mining, Scanning, and Brute-Force |
| Detected Hints/Tags/Attributes | 46/1/27 |
Attributes